Hi.

This is my first go at authoritative name serving and I'm finding it
very difficult.
All help appreciated.

First off a small oddity (it could be pebkac).
It appears my named.conf is okay and so are my master files.
If I do a ...
nslookup example.com 127.0.0.1
... I get a result returned that looks as per normal with the IP
address I set in the master file.
If I do interactive mode and try likewise, nslookup sits there and does nothing.
I've tried appending a dot, using localhost instead of 127.0.0.1 and
various combinations thereof.
Am I missing something?

Probably a bigger issue for me is getting other machines to pull down
records from me.
I've tried to eliminate the usual suspects (looking at my interface,
pf, etcetera).

Here's a whole bunch of stuff (mostly typed by hand):

There's only one network card.
All IP stuff seems to be fine and I can use the ISP resolvers (from
resolv.conf) to surf the intarwebs (using lynx).

ifconfig
pppoe0: ...
            inet 1.2.3.4 --> ISP_ROUTER

cat pf.conf
#options

set block-policy return
set debug urgent
set loginterface pppoe0
set optimization normal
set reassemble no
set require-order yes
set ruleset-optimization basic
set skip on lo
set state-policy if-bound

# block all
pass out log on pppoe0 from (pppoe0) to any

Note that the "block all" has been commented.

cat resolv.conf
lookup file bind
nameserver      ISP_DNS_1
nameserver      ISP_DNS_2

I'm a little unsure about naming (especially the hosts file).
The existing setup uses ns1.example.com as the NS.

cat myname
ns1.example.com

cat hosts
127.0.0.1    localhost
1.2.3.4        ns1.example.com      // that's the external interface

cat named.conf
options {
     recursion no;
     allow-query {any;};
     allow-query-cache {none;};
};

#zones //snipped out the default loopbacks and the hints
zone "example.com" {
           type master;
           file "master/example.com";
           check-names fail;
};

Here are the RRs. I used absolute domain names.

cat example.com
example.com.      IN SOA (
ns1.example.com. email_address
723742424872 1h 1h 1h 1h )
example.com.       A      1.2.3.4        // that's the external interface
                           NS     ns1.example.com.
ns1.example.com. A      1.2.3.4

named-checkconf and named-checkzone don't produce any output.
A look at /var/log/daemon shows me (again hand typed and snipped):
starting BIND
loading configuration from /etc/named.conf
listening on IPv4 interface lo0, 127.0.0.1#53
zone 127.in... loaded
zone example.com/IN: loaded 747247242748     //my serial
zone localhost/IN: loaded ...
ns1 named: running

Like I said if I do nslookup example.com 127.0.0.1 (or localhost) I
get an accurate result.
It concerns me above, from the log ("listening on IPv4 interface")
that only the loopback is listed.
The ARM tells me that by default I should be okay:
"If no listen-on is specified, the server will listen on port 53 on
all interfaces. ".

Like I said though other machines aren't looking at the records.
If I use a looking glass I can ping this machine by IP fine but if I do
anything that requires a name I get "protocol or service not working"
and a reference to the DNS servers they use.

I'm happy to post more stuff (nslookup set d2), tcpdump, whatever.
Please let me know.
In case it's something really obvious to someone, I've held off for
now on setting up mail or USB or something on this machine.

Best wishes.
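
An added example, not part of the original post: a shell check that pulls the "listening on" lines out of named's startup log and reports whether the server bound anything other than loopback, the symptom noted in the log excerpt above. The sample log is constructed from that excerpt; the timestamps, PID and function names are assumptions.

```shell
#!/bin/sh
# Constructed sample modelled on the log excerpt in the post
# (timestamps and PID are made up for illustration).
SAMPLE_LOG='Jan  1 00:00:01 ns1 named[1234]: starting BIND
Jan  1 00:00:01 ns1 named[1234]: loading configuration from /etc/named.conf
Jan  1 00:00:01 ns1 named[1234]: listening on IPv4 interface lo0, 127.0.0.1#53
Jan  1 00:00:01 ns1 named[1234]: zone example.com/IN: loaded
Jan  1 00:00:01 ns1 named[1234]: running'

# Read a named log on stdin; print "interface address port" per listener.
named_listeners() {
    sed -n 's/.*listening on IPv[46] interface \([^,]*\), \(.*\)#\([0-9]*\)$/\1 \2 \3/p'
}

# Exit 0 if the log on stdin shows a listener on address $1, port 53.
listens_on() {
    named_listeners | awk -v want="$1" '
        $2 == want && $3 == 53 { found = 1 }
        END { exit !found }'
}

# Exit 0 if the log on stdin shows listeners and all of them are loopback.
loopback_only() {
    named_listeners | awk '
        { n++ }
        $2 !~ /^127\./ && $2 != "::1" { other = 1 }
        END { exit !(n > 0 && !other) }'
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | named_listeners
if printf '%s\n' "$SAMPLE_LOG" | loopback_only; then
    echo "named bound loopback only; remote resolvers cannot reach it"
fi
if ! printf '%s\n' "$SAMPLE_LOG" | listens_on 1.2.3.4; then
    echo "no listener on 1.2.3.4 port 53"
fi
```

To run it against a live system, pipe the real log into the functions instead of the sample, for example the /var/log/daemon file mentioned above.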
